MiSec Jackson Meetup June 2015

Matt France is presenting Network Security Fundamentals – The Low Hanging Fruit on June 9th at 7pm.

Abstract: Network security is a topic that’s been beaten to death and has been around since the dawn of most of our careers as infosec professionals. What I am here to do is examine the modern day approach to network security and provide suggestions to both the seasoned network veterans and mom-and-pop shop network admins alike. Many simple steps can be taken to increase the likelihood of preventing (or at least slowing) an attack, detecting the attack, forensically examining the attack, and finally remediating. There are a ton of high-value, low-cost features in modern networking equipment that change the dynamic of old attack vectors like MitM attacks. From protecting your clients, to segmenting your servers this talk has it all.

Bio: Matt is a Network Security Engineer employed by Consumers Energy, with a Bachelor’s degree in Computer Science and Engineering from Michigan State University. He has a strong background in deep packet analysis, IP protocols, network forensics and familiarity with many programming languages. Matt has a passion for computer hardware, an appreciation for all things fast and powerful, computer hardware or otherwise. His hobbies are a reflection of that appreciation and as a result he enjoy fast cars, offroad vehicles (He’s a sucker Jeeps or Tacomas) and a hobbyist level of experience at building GPU based password cracking systems. He holds several certifications that reflect his experience, including a GIAC GPEN, GISP, GCIA and ISC^2 CISSP.

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

MiSec Southfield Meetup May 2015

Steven Fox is presenting a recap of the RSA Conference. Afterwards, J Wolfgang Goerlich is presenting Lifecycle Management. The meeting is at 7 pm on Thursday, May 14th.

The adoption of Cloud technologies elevates the role of security leadership while elevating the threat to our technology. Cloud allowed us to step away from infrastructure tasks and freed us to focus on strategic activities; applying security controls to the lifecycle rather to the individual equipment. Using Cloud services as an example, this session provides guidance on advancing our security posture, building our security culture, and increasing our influence with stakeholders. We will walk through the entire lifecycle: building the business case, shaping the deployment project plan, executing, shifting into operations, and finally retiring the Cloud service. At each stage, we will share guidance on incorporating security activities and integrating the new service with existing security programs. The resulting lifecycle will take advantage of our new role to better protect our technology.

Location:
300 Galleria Officentre, Suite 103
Southfield, MI 48034

MiSec Jackson Meetup May 2015

Chris Maddalena is presenting Clear as FUD, at 7 pm on Tuesday May 12th.

Our technology is becoming easier to use and friendlier towards users who would struggle to use a PC. This is a wonderful change that has opened up new possibilities for them to learn, connect, and explore by making is simpler for them to browse the web and use email and social media. The downside is they don’t fully understand the technology and this makes them easy marks for scammers. They see only half of the picture, gathered from news reports and bite-sized explanations they’ve read or heard. This affects not only regular people, but our lawmakers and politicians, too. This lack of understanding has the potential to cause lasting harm by creating misinformation, negative views of those who identify as hackers, and a fear of the internet. We can help by doing what we do every day: talking about it.

We’ll discuss examples of how a lack of understanding has hurt different people and groups, how we got to this point, and how we can do some little things that will make a big difference.

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

MiSec Jackson April 2015 Meetup

Jim Beechey (@jim_beechey) will be speaking on “Communicating Up The Stack: Layers 8, 9 and beyond” at 7pm on April 14th.

Abstract: “Genius is the ability to put into effect what is on your mind” F. Scott Fitzgerald.  Our industry, Information Security, is filled with brilliant people.  However, one of our biggest challenges is our ability to communicate properly within our organizations.  This talk is aimed at technical professionals and will provide concrete examples for rapidly improving communication up the chain of command with the goal of having more impact on your organizations security posture.

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

Please use the parking structure off of the Francis Street.
one-energy

MiSec Jackson Social Night – March 2015

Come join some of the MiSec Jackson crew as we take over a few tables at the Night Light on March 31st at 6pm.

Hang out, talk tech, random ideas and enjoy some food and drinks. (Pay your own way.).

Location:
Night Light
145 W Pearl St
Jackson, MI 49201

Ping Kyle Andrus (@chaoticflaws) or Matt Johnson (@mwjcomputing) for more information.

MiSec Southfield Meetup March 2015

Nerdy Beardo will be presenting “Defense in Depth with AOP” for our quarterly OWASP Detroit meeting.

Web application security has never been harder. Our adversary is cunning and clever, and with software becoming more and more complex its harder than ever to ensure security. This presentation is about using Aspect Oriented Programming to help organize our code in a way that makes implementing security practices easier, centrally maintained and helps to bring security to the forefront of the software development process. Our aim is to slow or stop our attackers on multiple levels using AOP as our mechanism for achieving this. Code for this talk will be in C# with PostSharp however the concepts can be applied to virtually any programming language or AOP tool.

Thursday, March 12th, 7 pm
300 Galleria Officentre, Suite 103
Southfield, MI 48034

MiSec Jackson March 2015 Meetup

Steve Motts (@Fugawi72) is presenting “Excuse me while I BURP” at 7pm on March 10th.

While it is customary in some societies to excuse yourself when expelling a gaseous mixture, sometimes burping has its advantages and needs no apology. This talk will introduce Burp Suite (interception proxy) and how it can help to expel technical web flaws (non-gaseous). It will contain an overview of the tool and demonstrate some key features against sample vulnerable web applications.

 

NOTE: We are at a new location starting in March. We would like to thank Spring Arbor University for helping get MiSec Jackson off the ground. 

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

Please use the parking structure off of the Francis Street.
one-energy

MiSec Jackson February 2015 Meetup

Owen Creger is presenting: A Strategic Shift in Information Security.

The information security community has for a long time been using the medieval strategy of building castles to secure territory; better known as defense in depth. The strategy of defense in depth, while still very effective, does have its weaknesses. The digital arena is very fluid environment, and adversaries have adapted their strategies to deal with defense in depth. It is the age old problem of “If you build a better mouse trap, you end up with smarter mice.”

A new reality in information security has developed that it is now a matter of when, not if an organization is breached. This new reality compels an information security organization to search for new strategies to deal with an evolved adversary. Many organizations are now adopting contemporary military strategic thinking to help them address these new threats. Lockheed Martin was the first organization to start the move towards adopting contemporary military strategic thinking, with their paper on the Cyber Kill Chain. Other organizations has further adopted other current military strategies including those of Operational Security (OPSEC), Terrain and Plane, Intelligence, and the OODA Loop. This presentation will discuss these contemporary military strategies and how they can be implemented in the digital realm.

Tuesday, February 10th, 7pm
Spring Arbor University
113 West Michigan Ave, Suite 201
Jackson, MI 49201

MiSec Royal Oak Meetup January 2015

Ron Ulko will be presenting on Recon with Elastic Search, how to protect an organization by scouring the Web and Internet for intellectual property and signs of coming attack.

Important: Beginning in January, our #misec Southfield meet-ups will be hosted at Liberty Center One. Stay tuned as we expect to do one more venue change in 2015.

Thursday, January 15th @ 7 pm
Liberty Center One
4815 Delemere Ave
Royal Oak, MI 48073

A sneak peak at what is to come:

  • February Royal Oak: Owen Creger on Incident Management
  • March Royal Oak: OWASP Detroit

 

MiSec Jackson Meetup January 2015

It is official. The launch of MiSec Jackson on January 13th, 2015 at 7pm!

We will be kicking off the meeting with a quick intro into MiSec and then we will have MiSec Jackson’s first speaker.

Kyle Andrus will be speaking on Basic Windows Computer Forensics.

Basic Windows Computer Forensics – This talk will be targeted towards individuals interested in learning some of the basics of Windows Computer Forensics. We’ll cover some of the details that can be pulled out of the registry, disk, and memory of machine running Windows. The talk will also touch on some of the tricks used to identify malicious running processes. If you have ever been interested in computer forensics and how it may differ than CSI computer forensics then this talk is for you!

Tuesday, January 13th, 2015 from 7pm – 9pm
Spring Arbor University – Jackson (Downtown) site
13 W. Michigan Ave.
Suite 201
Jackson, MI 49201

If you have any questions about the meetup, email info@michsec.org or ping @mwjcomputing and @chaoticflaws on twitter.

Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.